Added the naxsi (http://code.google.com/p/naxsi/) module, an applicative firewall for nginx.diff -r1.21 -r1.22 pkgsrc/www/nginx/Makefile
(imil)
@@ -1,14 +1,14 @@ | @@ -1,14 +1,14 @@ | |||
1 | # $NetBSD: Makefile,v 1.21 2012/04/17 21:12:42 shattered Exp $ | 1 | # $NetBSD: Makefile,v 1.22 2012/04/21 10:32:47 imil Exp $ | |
2 | 2 | |||
3 | DISTNAME= nginx-1.0.15 | 3 | DISTNAME= nginx-1.0.15 | |
4 | CATEGORIES= www | 4 | CATEGORIES= www | |
5 | MASTER_SITES= http://nginx.org/download/ | 5 | MASTER_SITES= http://nginx.org/download/ | |
6 | DISTFILES= ${DEFAULT_DISTFILES} | 6 | DISTFILES= ${DEFAULT_DISTFILES} | |
7 | 7 | |||
8 | MAINTAINER= joerg@NetBSD.org | 8 | MAINTAINER= joerg@NetBSD.org | |
9 | HOMEPAGE= http://nginx.org/ | 9 | HOMEPAGE= http://nginx.org/ | |
10 | COMMENT= Lightweight HTTP server and mail proxy server | 10 | COMMENT= Lightweight HTTP server and mail proxy server | |
11 | LICENSE= 2-clause-bsd | 11 | LICENSE= 2-clause-bsd | |
12 | 12 | |||
13 | PKG_DESTDIR_SUPPORT= user-destdir | 13 | PKG_DESTDIR_SUPPORT= user-destdir | |
14 | .include "../../mk/bsd.prefs.mk" | 14 | .include "../../mk/bsd.prefs.mk" | |
@@ -40,56 +40,64 @@ CONFIGURE_ARGS+= --sbin-path=${PREFIX}/s | @@ -40,56 +40,64 @@ CONFIGURE_ARGS+= --sbin-path=${PREFIX}/s | |||
40 | CONFIGURE_ARGS+= --conf-path=${PKG_SYSCONFDIR}/nginx.conf | 40 | CONFIGURE_ARGS+= --conf-path=${PKG_SYSCONFDIR}/nginx.conf | |
41 | CONFIGURE_ARGS+= --pid-path=${NGINX_PIDDIR}/nginx.pid | 41 | CONFIGURE_ARGS+= --pid-path=${NGINX_PIDDIR}/nginx.pid | |
42 | CONFIGURE_ARGS+= --lock-path=${NGINX_DATADIR}/nginx.lock | 42 | CONFIGURE_ARGS+= --lock-path=${NGINX_DATADIR}/nginx.lock | |
43 | CONFIGURE_ARGS+= --error-log-path=${NGINX_LOGDIR}/error.log | 43 | CONFIGURE_ARGS+= --error-log-path=${NGINX_LOGDIR}/error.log | |
44 | CONFIGURE_ARGS+= --http-log-path=${NGINX_LOGDIR}/access.log | 44 | CONFIGURE_ARGS+= --http-log-path=${NGINX_LOGDIR}/access.log | |
45 | CONFIGURE_ARGS+= --http-client-body-temp-path=${NGINX_DATADIR}/client_body_temp | 45 | CONFIGURE_ARGS+= --http-client-body-temp-path=${NGINX_DATADIR}/client_body_temp | |
46 | CONFIGURE_ARGS+= --http-proxy-temp-path=${NGINX_DATADIR}/proxy_temp | 46 | CONFIGURE_ARGS+= --http-proxy-temp-path=${NGINX_DATADIR}/proxy_temp | |
47 | CONFIGURE_ARGS+= --http-fastcgi-temp-path=${NGINX_DATADIR}/fstcgi_temp | 47 | CONFIGURE_ARGS+= --http-fastcgi-temp-path=${NGINX_DATADIR}/fstcgi_temp | |
48 | 48 | |||
49 | .include "../../mk/bsd.prefs.mk" | 49 | .include "../../mk/bsd.prefs.mk" | |
50 | 50 | |||
51 | PKG_SYSCONFSUBDIR= nginx | 51 | PKG_SYSCONFSUBDIR= nginx | |
52 | 52 | |||
53 | .include "options.mk" | |||
54 | ||||
53 | EGDIR= ${PREFIX}/share/examples/nginx | 55 | EGDIR= ${PREFIX}/share/examples/nginx | |
54 | EGFILES+= fastcgi.conf fastcgi_params koi-utf koi-win \ | 56 | EGFILES+= fastcgi.conf fastcgi_params koi-utf koi-win \ | |
55 | mime.types nginx.conf win-utf | 57 | mime.types nginx.conf win-utf | |
56 | 58 | |||
57 | .for file in ${EGFILES} | 59 | .for file in ${EGFILES} | |
58 | CONF_FILES+= ${EGDIR}/conf/${file} ${PKG_SYSCONFDIR}/${file} | 60 | CONF_FILES+= ${EGDIR}/conf/${file} ${PKG_SYSCONFDIR}/${file} | |
61 | . if !empty(PKG_OPTIONS:Mnaxsi) | |||
62 | CONF_FILES+= ${EGDIR}/conf/naxsi_core.rules | |||
63 | CONF_FILES+= ${PKG_SYSCONFDIR}/naxsi_core.rules | |||
64 | . endif | |||
59 | .endfor | 65 | .endfor | |
60 | 66 | |||
61 | RCD_SCRIPTS= nginx | 67 | RCD_SCRIPTS= nginx | |
62 | 68 | |||
63 | INSTALLATION_DIRS= ${PKGMANDIR}/man8 sbin share/examples/nginx/conf \ | 69 | INSTALLATION_DIRS= ${PKGMANDIR}/man8 sbin share/examples/nginx/conf \ | |
64 | share/examples/nginx/html | 70 | share/examples/nginx/html | |
65 | MAKE_DIRS+= ${NGINX_PIDDIR} | 71 | MAKE_DIRS+= ${NGINX_PIDDIR} | |
66 | OWN_DIRS= ${NGINX_LOGDIR} | 72 | OWN_DIRS= ${NGINX_LOGDIR} | |
67 | OWN_DIRS_PERMS+= ${NGINX_DATADIR} ${NGINX_USER} ${NGINX_GROUP} 0700 | 73 | OWN_DIRS_PERMS+= ${NGINX_DATADIR} ${NGINX_USER} ${NGINX_GROUP} 0700 | |
68 | 74 | |||
69 | BUILD_TARGET= build | 75 | BUILD_TARGET= build | |
70 | 76 | |||
71 | SUBST_CLASSES+= paths | 77 | SUBST_CLASSES+= paths | |
72 | SUBST_STAGE.paths= pre-configure | 78 | SUBST_STAGE.paths= pre-configure | |
73 | SUBST_FILES.paths= conf/nginx.conf | 79 | SUBST_FILES.paths= conf/nginx.conf | |
74 | SUBST_SED.paths= -e 's,%%PKG_SYSCONFDIR%%,${PKG_SYSCONFDIR},g' | 80 | SUBST_SED.paths= -e 's,%%PKG_SYSCONFDIR%%,${PKG_SYSCONFDIR},g' | |
75 | SUBST_SED.paths+= -e 's,%%NGINX_LOGDIR%%,${NGINX_LOGDIR},g' | 81 | SUBST_SED.paths+= -e 's,%%NGINX_LOGDIR%%,${NGINX_LOGDIR},g' | |
76 | SUBST_SED.paths+= -e 's,%%NGINX_PIDDIR%%,${NGINX_PIDDIR},g' | 82 | SUBST_SED.paths+= -e 's,%%NGINX_PIDDIR%%,${NGINX_PIDDIR},g' | |
77 | SUBST_SED.paths+= -e 's,%%NGINX_USER%%,${NGINX_USER},g' | 83 | SUBST_SED.paths+= -e 's,%%NGINX_USER%%,${NGINX_USER},g' | |
78 | SUBST_SED.paths+= -e 's,%%NGINX_GROUP%%,${NGINX_GROUP},g' | 84 | SUBST_SED.paths+= -e 's,%%NGINX_GROUP%%,${NGINX_GROUP},g' | |
79 | 85 | |||
80 | MESSAGE_SUBST+= NGINX_LOGDIR=${NGINX_LOGDIR} | 86 | MESSAGE_SUBST+= NGINX_LOGDIR=${NGINX_LOGDIR} | |
81 | MESSAGE_SUBST+= NGINX_PIDDIR=${NGINX_PIDDIR} | 87 | MESSAGE_SUBST+= NGINX_PIDDIR=${NGINX_PIDDIR} | |
82 | 88 | |||
83 | .include "options.mk" | |||
84 | ||||
85 | do-install: | 89 | do-install: | |
86 | ${INSTALL_PROGRAM} ${WRKSRC}/objs/nginx ${DESTDIR}${PREFIX}/sbin/nginx | 90 | ${INSTALL_PROGRAM} ${WRKSRC}/objs/nginx ${DESTDIR}${PREFIX}/sbin/nginx | |
87 | .for file in ${EGFILES} | 91 | .for file in ${EGFILES} | |
88 | ${INSTALL_DATA} ${WRKSRC}/conf/${file} ${DESTDIR}${EGDIR}/conf/${file} | 92 | ${INSTALL_DATA} ${WRKSRC}/conf/${file} ${DESTDIR}${EGDIR}/conf/${file} | |
89 | .endfor | 93 | .endfor | |
90 | ${INSTALL_DATA} ${WRKSRC}/html/50x.html ${DESTDIR}${EGDIR}/html/50x.html | 94 | ${INSTALL_DATA} ${WRKSRC}/html/50x.html ${DESTDIR}${EGDIR}/html/50x.html | |
91 | ${INSTALL_DATA} ${WRKSRC}/html/index.html ${DESTDIR}${EGDIR}/html/index.html | 95 | ${INSTALL_DATA} ${WRKSRC}/html/index.html ${DESTDIR}${EGDIR}/html/index.html | |
92 | ${INSTALL_MAN} ${WRKSRC}/man/nginx.8 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man8 | 96 | ${INSTALL_MAN} ${WRKSRC}/man/nginx.8 ${DESTDIR}${PREFIX}/${PKGMANDIR}/man8 | |
97 | .if !empty(PKG_OPTIONS:Mnaxsi) | |||
98 | ${INSTALL_DATA} ${WRKDIR}/${NAXSI}/naxsi_config/naxsi_core.rules ${DESTDIR}${EGDIR}/conf | |||
99 | .endif | |||
100 | ||||
93 | 101 | |||
94 | .include "../../devel/zlib/buildlink3.mk" | 102 | .include "../../devel/zlib/buildlink3.mk" | |
95 | .include "../../mk/bsd.pkg.mk" | 103 | .include "../../mk/bsd.pkg.mk" |
@@ -1,14 +1,15 @@ | @@ -1,14 +1,15 @@ | |||
1 | @comment $NetBSD: PLIST,v 1.5 2011/06/10 10:36:18 joerg Exp $ | 1 | @comment $NetBSD: PLIST,v 1.6 2012/04/21 10:32:47 imil Exp $ | |
2 | man/man8/nginx.8 | 2 | man/man8/nginx.8 | |
3 | sbin/nginx | 3 | sbin/nginx | |
4 | share/examples/nginx/conf/fastcgi.conf | 4 | share/examples/nginx/conf/fastcgi.conf | |
5 | share/examples/nginx/conf/fastcgi_params | 5 | share/examples/nginx/conf/fastcgi_params | |
6 | share/examples/nginx/conf/koi-utf | 6 | share/examples/nginx/conf/koi-utf | |
7 | share/examples/nginx/conf/koi-win | 7 | share/examples/nginx/conf/koi-win | |
8 | share/examples/nginx/conf/mime.types | 8 | share/examples/nginx/conf/mime.types | |
9 | share/examples/nginx/conf/nginx.conf | 9 | share/examples/nginx/conf/nginx.conf | |
10 | ${PLIST.uwsgi}share/examples/nginx/conf/uwsgi_params | 10 | ${PLIST.uwsgi}share/examples/nginx/conf/uwsgi_params | |
11 | ${PLIST.naxsi}share/examples/nginx/conf/naxsi_core.rules | |||
11 | share/examples/nginx/conf/win-utf | 12 | share/examples/nginx/conf/win-utf | |
12 | share/examples/nginx/html/50x.html | 13 | share/examples/nginx/html/50x.html | |
13 | share/examples/nginx/html/index.html | 14 | share/examples/nginx/html/index.html | |
14 | share/examples/rc.d/nginx | 15 | share/examples/rc.d/nginx |
@@ -1,13 +1,16 @@ | @@ -1,13 +1,16 @@ | |||
1 | $NetBSD: distinfo,v 1.17 2012/04/17 21:12:42 shattered Exp $ | 1 | $NetBSD: distinfo,v 1.18 2012/04/21 10:32:47 imil Exp $ | |
2 | 2 | |||
3 | SHA1 (naxsi-0.45.tgz) = e1f29219fc9f7d3b39c4abfac558816f6046363b | |||
4 | RMD160 (naxsi-0.45.tgz) = bbb535c3f22c4951263a80a962ea0d8fa2208cbd | |||
5 | Size (naxsi-0.45.tgz) = 175358 bytes | |||
3 | SHA1 (nginx-1.0.15.tar.gz) = e506b301ea849f58f2efb499d77b819fe55eea9a | 6 | SHA1 (nginx-1.0.15.tar.gz) = e506b301ea849f58f2efb499d77b819fe55eea9a | |
4 | RMD160 (nginx-1.0.15.tar.gz) = 99653499916b81fb0f5842755484983606cea5ec | 7 | RMD160 (nginx-1.0.15.tar.gz) = 99653499916b81fb0f5842755484983606cea5ec | |
5 | Size (nginx-1.0.15.tar.gz) = 693025 bytes | 8 | Size (nginx-1.0.15.tar.gz) = 693025 bytes | |
6 | SHA1 (nginx_http_push_module-0.692.tar.gz) = 72103084cad8f4d3d9a49a6b04cf780e4541605d | 9 | SHA1 (nginx_http_push_module-0.692.tar.gz) = 72103084cad8f4d3d9a49a6b04cf780e4541605d | |
7 | RMD160 (nginx_http_push_module-0.692.tar.gz) = 9d2be16074cf28115af0f1d8f3646937cda649ad | 10 | RMD160 (nginx_http_push_module-0.692.tar.gz) = 9d2be16074cf28115af0f1d8f3646937cda649ad | |
8 | Size (nginx_http_push_module-0.692.tar.gz) = 29119 bytes | 11 | Size (nginx_http_push_module-0.692.tar.gz) = 29119 bytes | |
9 | SHA1 (nginx_upload_module-2.2.0.tar.gz) = 93d6e83e613a0ce2ed057a434b344fa1b6609b47 | 12 | SHA1 (nginx_upload_module-2.2.0.tar.gz) = 93d6e83e613a0ce2ed057a434b344fa1b6609b47 | |
10 | RMD160 (nginx_upload_module-2.2.0.tar.gz) = 5734af837be3fe8ec444a7e5e7f6707118594098 | 13 | RMD160 (nginx_upload_module-2.2.0.tar.gz) = 5734af837be3fe8ec444a7e5e7f6707118594098 | |
11 | Size (nginx_upload_module-2.2.0.tar.gz) = 25796 bytes | 14 | Size (nginx_upload_module-2.2.0.tar.gz) = 25796 bytes | |
12 | SHA1 (patch-aa) = adf433d1b56a88c6c2ed09c4bd54fdb1a336582f | 15 | SHA1 (patch-aa) = adf433d1b56a88c6c2ed09c4bd54fdb1a336582f | |
13 | SHA1 (patch-ab) = 6f20ef8ac9a042faf7e22770de7c16b351cb1191 | 16 | SHA1 (patch-ab) = 6f20ef8ac9a042faf7e22770de7c16b351cb1191 |
@@ -1,22 +1,22 @@ | @@ -1,22 +1,22 @@ | |||
1 | # $NetBSD: options.mk,v 1.13 2012/03/13 10:00:14 fhajny Exp $ | 1 | # $NetBSD: options.mk,v 1.14 2012/04/21 10:32:47 imil Exp $ | |
2 | 2 | |||
3 | PKG_OPTIONS_VAR= PKG_OPTIONS.nginx | 3 | PKG_OPTIONS_VAR= PKG_OPTIONS.nginx | |
4 | PKG_SUPPORTED_OPTIONS= dav flv gtools inet6 mail-proxy memcache pcre \ | 4 | PKG_SUPPORTED_OPTIONS= dav flv gtools inet6 mail-proxy memcache naxsi pcre \ | |
5 | push realip ssl sub uwsgi image-filter upload debug \ | 5 | push realip ssl sub uwsgi image-filter upload debug \ | |
6 | status | 6 | status | |
7 | PKG_SUGGESTED_OPTIONS= pcre ssl | 7 | PKG_SUGGESTED_OPTIONS= pcre ssl | |
8 | 8 | |||
9 | PLIST_VARS+= uwsgi | 9 | PLIST_VARS+= naxsi uwsgi | |
10 | 10 | |||
11 | .include "../../mk/bsd.options.mk" | 11 | .include "../../mk/bsd.options.mk" | |
12 | 12 | |||
13 | .if !empty(PKG_OPTIONS:Mdebug) | 13 | .if !empty(PKG_OPTIONS:Mdebug) | |
14 | CONFIGURE_ARGS+= --with-debug | 14 | CONFIGURE_ARGS+= --with-debug | |
15 | .endif | 15 | .endif | |
16 | 16 | |||
17 | .if !empty(PKG_OPTIONS:Mssl) | 17 | .if !empty(PKG_OPTIONS:Mssl) | |
18 | .include "../../security/openssl/buildlink3.mk" | 18 | .include "../../security/openssl/buildlink3.mk" | |
19 | CONFIGURE_ARGS+= --with-mail_ssl_module | 19 | CONFIGURE_ARGS+= --with-mail_ssl_module | |
20 | CONFIGURE_ARGS+= --with-http_ssl_module | 20 | CONFIGURE_ARGS+= --with-http_ssl_module | |
21 | .endif | 21 | .endif | |
22 | 22 | |||
@@ -41,26 +41,38 @@ CONFIGURE_ARGS+= --with-http_sub_module | @@ -41,26 +41,38 @@ CONFIGURE_ARGS+= --with-http_sub_module | |||
41 | 41 | |||
42 | .if !empty(PKG_OPTIONS:Mgtools) | 42 | .if !empty(PKG_OPTIONS:Mgtools) | |
43 | CONFIGURE_ARGS+= --with-google_perftools_module | 43 | CONFIGURE_ARGS+= --with-google_perftools_module | |
44 | .endif | 44 | .endif | |
45 | 45 | |||
46 | .if !empty(PKG_OPTIONS:Mmail-proxy) | 46 | .if !empty(PKG_OPTIONS:Mmail-proxy) | |
47 | CONFIGURE_ARGS+= --with-mail | 47 | CONFIGURE_ARGS+= --with-mail | |
48 | .endif | 48 | .endif | |
49 | 49 | |||
50 | .if empty(PKG_OPTIONS:Mmemcache) | 50 | .if empty(PKG_OPTIONS:Mmemcache) | |
51 | CONFIGURE_ARGS+= --without-http_memcached_module | 51 | CONFIGURE_ARGS+= --without-http_memcached_module | |
52 | .endif | 52 | .endif | |
53 | 53 | |||
54 | .if !empty(PKG_OPTIONS:Mnaxsi) | |||
55 | PLIST.naxsi= yes | |||
56 | CONFIGURE_ARGS+= --add-module=../${NAXSI}/naxsi_src | |||
57 | .endif | |||
58 | ||||
59 | .if !empty(PKG_OPTIONS:Mnaxsi) || make(makesum) | |||
60 | NAXSI= naxsi-0.45 | |||
61 | NAXSI_DISTFILE= ${NAXSI}.tgz | |||
62 | SITES.${NAXSI_DISTFILE}= http://naxsi.googlecode.com/files/ | |||
63 | DISTFILES+= ${NAXSI_DISTFILE} | |||
64 | .endif | |||
65 | ||||
54 | .if !empty(PKG_OPTIONS:Mrealip) | 66 | .if !empty(PKG_OPTIONS:Mrealip) | |
55 | CONFIGURE_ARGS+= --with-http_realip_module | 67 | CONFIGURE_ARGS+= --with-http_realip_module | |
56 | .endif | 68 | .endif | |
57 | 69 | |||
58 | .if !empty(PKG_OPTIONS:Minet6) | 70 | .if !empty(PKG_OPTIONS:Minet6) | |
59 | CONFIGURE_ARGS+= --with-ipv6 | 71 | CONFIGURE_ARGS+= --with-ipv6 | |
60 | .endif | 72 | .endif | |
61 | 73 | |||
62 | .if !empty(PKG_OPTIONS:Muwsgi) | 74 | .if !empty(PKG_OPTIONS:Muwsgi) | |
63 | EGFILES+= uwsgi_params | 75 | EGFILES+= uwsgi_params | |
64 | PLIST.uwsgi= yes | 76 | PLIST.uwsgi= yes | |
65 | .else | 77 | .else | |
66 | CONFIGURE_ARGS+= --without-http_uwsgi_module | 78 | CONFIGURE_ARGS+= --without-http_uwsgi_module |